
Connect to Proxmox
Download the LXC image and create the container
pveam download local centos-9-stream-default_20221109_amd64.tar.xz
pct create 999 local:vztmpl/centos-9-stream-default_20221109_amd64.tar.xz \
--description ct999 --hostname ct999 --memory 512 --rootfs local-lvm:8 \
--cores 1 --net0 name=eth0,bridge=vmbr0,ip=dhcp --unprivileged 1 \
--password 12345 --features nesting=1
Connect to the LXC container and install Tailscale
[root@ct999 ~]# yum install epel-release
[root@ct999 ~]# dnf config-manager --add-repo https://pkgs.tailscale.com/stable/centos/9/tailscale.repo
[root@ct999 ~]# sudo dnf install tailscale
Tailscale stable 565 B/s | 832 B 00:01
Tailscale stable 4.7 kB/s | 3.1 kB 00:00
Importing GPG key 0x957F5868:
Userid : "Tailscale Inc. (Package repository signing key) <info@tailscale.com>"
Fingerprint: 2596 A99E AAB3 3821 893C 0A79 458C A832 957F 5868
From : https://pkgs.tailscale.com/stable/centos/9/repo.gpg
Is this ok [y/N]: y
Tailscale stable 5.7 kB/s | 14 kB 00:02
Last metadata expiration check: 0:00:01 ago on Mon 22 Apr 2024 06:56:44 AM UTC.
Dependencies resolved.
========================================================================================================================================================================
Package Architecture Version Repository Size
========================================================================================================================================================================
Installing:
tailscale x86_64 1.64.0-1 tailscale-stable 27 M
Installing dependencies:
iptables-legacy x86_64 1.8.10-2.2.el9.next epel-next 49 k
iptables-legacy-libs x86_64 1.8.10-2.2.el9.next epel-next 37 k
iptables-libs x86_64 1.8.10-2.el9 baseos 461 k
libnetfilter_conntrack x86_64 1.0.9-1.el9 baseos 59 k
libnfnetlink x86_64 1.0.1-21.el9 baseos 30 k
Transaction Summary
========================================================================================================================================================================
Install 6 Packages
Total download size: 27 M
Installed size: 50 M
Is this ok [y/N]: y
Downloading Packages:
(1/6): libnfnetlink-1.0.1-21.el9.x86_64.rpm 142 kB/s | 30 kB 00:00
(2/6): libnetfilter_conntrack-1.0.9-1.el9.x86_64.rpm 250 kB/s | 59 kB 00:00
(3/6): iptables-legacy-1.8.10-2.2.el9.next.x86_64.rpm 234 kB/s | 49 kB 00:00
(4/6): iptables-libs-1.8.10-2.el9.x86_64.rpm 1.0 MB/s | 461 kB 00:00
(5/6): iptables-legacy-libs-1.8.10-2.2.el9.next.x86_64.rpm 159 kB/s | 37 kB 00:00
(6/6): tailscale_1.64.0_x86_64.rpm 6.3 MB/s | 27 MB 00:04
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 4.4 MB/s | 27 MB 00:06
Extra Packages for Enterprise Linux 9 - Next - x86_64 210 kB/s | 1.6 kB 00:00
Importing GPG key 0x3228467C:
Userid : "Fedora (epel9) <epel@fedoraproject.org>"
Fingerprint: FF8A D134 4597 106E CE81 3B91 8A38 72BF 3228 467C
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-9
Is this ok [y/N]: y
Key imported successfully
Tailscale stable 5.3 kB/s | 3.1 kB 00:00
Importing GPG key 0x957F5868:
Userid : "Tailscale Inc. (Package repository signing key) <info@tailscale.com>"
Fingerprint: 2596 A99E AAB3 3821 893C 0A79 458C A832 957F 5868
From : https://pkgs.tailscale.com/stable/centos/9/repo.gpg
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : iptables-legacy-libs-1.8.10-2.2.el9.next.x86_64 1/6
Installing : libnfnetlink-1.0.1-21.el9.x86_64 2/6
Installing : libnetfilter_conntrack-1.0.9-1.el9.x86_64 3/6
Installing : iptables-libs-1.8.10-2.el9.x86_64 4/6
Installing : iptables-legacy-1.8.10-2.2.el9.next.x86_64 5/6
Running scriptlet: iptables-legacy-1.8.10-2.2.el9.next.x86_64 5/6
Installing : tailscale-1.64.0-1.x86_64 6/6
Running scriptlet: tailscale-1.64.0-1.x86_64 6/6
Verifying : iptables-libs-1.8.10-2.el9.x86_64 1/6
Verifying : libnetfilter_conntrack-1.0.9-1.el9.x86_64 2/6
Verifying : libnfnetlink-1.0.1-21.el9.x86_64 3/6
Verifying : iptables-legacy-1.8.10-2.2.el9.next.x86_64 4/6
Verifying : iptables-legacy-libs-1.8.10-2.2.el9.next.x86_64 5/6
Verifying : tailscale-1.64.0-1.x86_64 6/6
Installed:
iptables-legacy-1.8.10-2.2.el9.next.x86_64 iptables-legacy-libs-1.8.10-2.2.el9.next.x86_64 iptables-libs-1.8.10-2.el9.x86_64
libnetfilter_conntrack-1.0.9-1.el9.x86_64 libnfnetlink-1.0.1-21.el9.x86_64 tailscale-1.64.0-1.x86_64
Complete!
[root@ct999 ~]# sudo systemctl enable --now tailscaled
Created symlink /etc/systemd/system/multi-user.target.wants/tailscaled.service → /usr/lib/systemd/system/tailscaled.service.
[root@ct999 ~]# sudo tailscale up
[root@ct999 ~]# sudo tailscale up --advertise-routes=192.168.0.0/24
Execution error
[root@ct999 ~]# cat /etc/redhat-release
CentOS Stream release 9
[root@ct999 ~]# tailscale version
1.64.0
tailscale commit: 7e9bebdb2470dfbb6e08a3f12a289a7d88128dfb
other commit: f314c5be5350431460b89f703275de6b89a30460
go version: go1.22.2
[root@ct999 ~]# systemctl status tailscaled
× tailscaled.service - Tailscale node agent
Loaded: loaded (/usr/lib/systemd/system/tailscaled.service; enabled; preset: disabled)
Active: failed (Result: exit-code) since Mon 2024-04-22 06:57:24 UTC; 10min ago
Duration: 635ms
Docs: https://tailscale.com/kb/
Main PID: 658 (code=exited, status=1/FAILURE)
CPU: 161ms
Apr 22 06:57:24 ct999 systemd[1]: tailscaled.service: Failed with result 'exit-code'.
Apr 22 06:57:24 ct999 systemd[1]: tailscaled.service: Scheduled restart job, restart counter is at 5.
Apr 22 06:57:24 ct999 systemd[1]: Stopped Tailscale node agent.
Apr 22 06:57:24 ct999 systemd[1]: tailscaled.service: Start request repeated too quickly.
Apr 22 06:57:24 ct999 systemd[1]: tailscaled.service: Failed with result 'exit-code'.
Apr 22 06:57:24 ct999 systemd[1]: Failed to start Tailscale node agent.
[root@ct999 ~]# echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
net.ipv4.ip_forward = 1
[root@ct999 ~]# echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
net.ipv6.conf.all.forwarding = 1
[root@ct999 ~]# sudo sysctl -p /etc/sysctl.d/99-tailscale.conf
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
Troubleshooting
root@pve:~# vi /etc/pve/lxc/999.conf
## Add the following lines ##
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net dev/net none bind,create=dir
[root@ct999 ~]# systemctl status tailscaled
● tailscaled.service - Tailscale node agent
Loaded: loaded (/usr/lib/systemd/system/tailscaled.service; enabled; preset: disabled)
Active: active (running) since Mon 2024-04-22 07:36:02 UTC; 1min 13s ago
Docs: https://tailscale.com/kb/
Main PID: 92 (tailscaled)
Status: "Stopped; run 'tailscale up' to log in"
Tasks: 9 (limit: 20960)
Memory: 34.9M
CPU: 197ms
CGroup: /system.slice/tailscaled.service
└─92 /usr/sbin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=41641
Apr 22 07:36:02 ct999 tailscaled[92]: Backend: logs: be:71ec7fcff44e6b539855b4b0543ac79ad87d4d759222565e89e4ae7809374b7e fe:
Apr 22 07:36:02 ct999 tailscaled[92]: Switching ipn state NoState -> NeedsLogin (WantRunning=false, nm=false)
Apr 22 07:36:02 ct999 tailscaled[92]: blockEngineUpdates(true)
Apr 22 07:36:02 ct999 tailscaled[92]: wgengine: Reconfig: configuring userspace WireGuard config (with 0/0 peers)
Apr 22 07:36:02 ct999 tailscaled[92]: wgengine: Reconfig: configuring router
Apr 22 07:36:02 ct999 tailscaled[92]: wgengine: Reconfig: configuring DNS
Apr 22 07:36:02 ct999 tailscaled[92]: dns: Set: {DefaultResolvers:[] Routes:{} SearchDomains:[] Hosts:0}
Apr 22 07:36:02 ct999 tailscaled[92]: dns: Resolvercfg: {Routes:{} Hosts:0 LocalDomains:[]}
Apr 22 07:36:02 ct999 tailscaled[92]: dns: OScfg: {}
Apr 22 07:36:02 ct999 tailscaled[92]: health("overall"): error: state=NeedsLogin, wantRunning=false
[root@ct999 ~]# tailscale up
To authenticate, visit:
https://login.tailscale.com/a/123456789
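Added example (not from the original post): an idempotent way to apply the two passthrough lines from the troubleshooting step on the Proxmox host, so re-running it never duplicates them, plus a check for the TUN device inside the container. The function names are hypothetical, and it assumes snapshot sections in the Proxmox config start with a "[name]" header line, so missing lines are placed before the first such header instead of being appended into a snapshot.

```bash
#!/usr/bin/env bash
# Added example, not the blog author's code. The two lines are the ones
# the troubleshooting step adds to /etc/pve/lxc/999.conf.
TUN_ALLOW='lxc.cgroup2.devices.allow: c 10:200 rwm'
TUN_MOUNT='lxc.mount.entry: /dev/net dev/net none bind,create=dir'

# Add whichever passthrough line is missing from the live (top) section of
# the container config. Prints the number of lines added (0 = already set).
# Assumption: snapshot sections begin with a "[name]" header line.
ensure_tun_passthrough() {
  local conf="$1" tmp added
  [ -f "$conf" ] || { echo "no such config: $conf" >&2; return 2; }
  tmp="$(mktemp)" || return 2
  added="$(awk -v out="$tmp" -v l1="$TUN_ALLOW" -v l2="$TUN_MOUNT" '
    function emit_missing() {
      if (done) return
      if (!s1) { print l1 > out; n++ }
      if (!s2) { print l2 > out; n++ }
      done = 1
    }
    /^\[/             { emit_missing() }   # first snapshot header reached
    !done && $0 == l1 { s1 = 1 }           # only the live section counts
    !done && $0 == l2 { s2 = 1 }
                      { print > out }
    END               { emit_missing(); print n + 0 }
  ' "$conf")" || { rm -f "$tmp"; return 2; }
  # Rewrite the config in place only when something actually changed.
  if [ "$added" -gt 0 ]; then cat "$tmp" > "$conf"; fi
  rm -f "$tmp"
  echo "$added"
}

# Inside the container: succeeds only if the TUN node exists as a
# character device (tailscaled needs it to start).
tun_present() { [ -c "${1:-/dev/net/tun}" ]; }

# Stand-alone use on the Proxmox host: ./script.sh /etc/pve/lxc/999.conf
if [ -n "${1:-}" ]; then ensure_tun_passthrough "$1"; fi
```

Restart the container after the config changes (the post shows tailscaled running afterwards), then run tun_present inside it before starting the service.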